Vulnerability: Cross Site Scripting (XSS) Affected Software: WordPress Donations Made Easy – Smart Donations Plugin Vulnerable Versions: <= 4.0.12 Priority: Medium CVSS Score: 7.1 Status: No official fix available; vPatch available Risks: This vulnerability is moderately dangerous and expected to become exploited. It could allow a malicious actor to inject malicious scripts into the website. Solutions: Automatically mitigate vulnerabilities and keep your websites safe using Patchstack's virtual patch. The virtual patch blocks any attacks until an official fix becomes available. Timeline: - Reported by thiennv: 27 Mar 2023 - Early warning sent out to Patchstack customers: 18 Aug 2023 - Published by Patchstack: 20 Aug 2023 Additional Information: No VDP (Vulnerability Disclosure Program) is mentioned.